Never Use a Brain Wallet¶
Among many reasons why people find it hard to use cryptocurrency there's a simple one -- memorising the private key is too hard. So, people invented brain wallet, which turns a string of words into a private key and thus wallet.
It's genius in that now a user needs only to memorise whatever he or she used to create the wallet. You can turn your name, phone number, DoB, favourite quote, lover's home address, ..., literally anything into a cryptocurrency wallet. However, this also means that if someone else successfully guessed the passphrase you used, they can sweep all the coins you have!
Python brain wallet for Bitcoin¶
After a little bit of research, I've put together a simple brain wallet Python script that turns any input string to a legal Bitcoin private key and its address.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 |
|
Easily "cracking" a wallet¶
Let me show you some really easy-to-guess passphrases and their associated private keys and addresses. As an example, the code below uses "password" as the input passphrase and derives the private key and address from it.
81 82 83 84 85 86 |
|
The output is:
1 2 3 |
|
As at May 22, 2019, this address has 45,014 transactions with a total of 0.3563 BTC (of course the balance is zero)! You can check its current balance at blockchain.com. Also, congratulations, you are now one of the many owners of this address/wallet. So next time you observe some coins transfered to it, you'll be able to use it as well (though I don't suggest you to do so)!
Some other "cracked" wallets¶
I explored a little bit more and it's surprising to find out how easy it is to crack a wallet this way. Below is a table of some passphrases and their associated keys and addresses.
Passphrase | Private Key | Address | Used |
---|---|---|---|
satoshi | da2876b3eb31edb4436fa4650673fc6f01f90de2f1793c4ec332b2387b09726f | 1ADJqstUMBB5zFquWg19UqZ7Zc6ePCpzLE | True |
bitcoin | 6b88c087247aa2f07ee1c5956b8e1a9f4c7f892a70e324f1bb3d161e05ca107b | 1E984zyYbNmeuumzEdqT8VSL8QGJi3byAD | True |
hello world | b94d27b9934d3e08a52e52d7da7dabfac484efe37a5380ee9088f7ace2efcde9 | 1CS8g7nwaxPPprb4vqcTVdLCuCRirsbsMb | True |
testing | cf80cd8aed482d5d1527d7dc72fceff84e6326592848447d2dc0b0e87dfc9a90 | 1JdDsbYYRSpsTnBVgenruULVeUjt5z6WnR | True |
god | 5723360ef11043a879520412e9ad897e0ebcb99cc820ec363bfecc9d751a1a99 | 1KxmSmcMTmPvU1qSLYpJLrqnSzBoQ53NXN | True |
terminator | aa802f654e3ae7aaa1b73f8724056a05e2691accea8dd90057916080f84d7e93 | 18kvt3D6K1CG8MxGP6ke7q6vLU5NGpLZdR | True |
abc | ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad | 1NEwmNSC7w9nZeASngHCd43Bc5eC2FmXpn | True |
And a lot of swear words are used as well, but I'm just going to skip them.
Apart from the single world and short phrases, some people do use famous quotes. As an example, see this one from A Tale of Two Cities:
it was the best of times it was the worst of times
Its corresponding private key is af8da705bfd95621983e5cf4232ac1ca0c79b47122e3defd8a98fa9a4387d985
and its address is 17WenQJaYvqCNumebQU54TsixWtQ1GQ4ND. It has received 1 BTC in total but again the balance is zero, lol.
Concluding remark¶
Never use a brain wallet. Because if you can think of it, someone else might also be able to come up with same passphrase. But, if you are comfortable or absolutely sure that your passphrase is secret, feel free to use the script above and make yourself a wallet. 😏